© Copyright Selex ES S.p.A 2014 All rights reserved
A perspective from a Cyber Integrator
From Reactive to Proactive:
The ...
© Copyright Selex ES S.p.A 2014 All rights reserved
What is a Cyber Integrator?
Situation Awareness – of what?
Building a ...
© Copyright Selex ES S.p.A 2014 All rights reserved
What is a Cyber Integrator?
Situation Awareness – of what?
Building a ...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
Threats, vulnerabil...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
Defence (National &...
© Copyright Selex ES S.p.A 2014 All rights reserved
Understand
factors,
methods
and history
Driven by nature and extent of...
© Copyright Selex ES S.p.A 2014 All rights reserved
• Customer desired business objectives
SOLUTIONS ARE BUILT ON:
• Custo...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
Compromising
Abilit...
© Copyright Selex ES S.p.A 2014 All rights reserved
Selex ES: What is a Cyber Integrator?
Situation Awareness – of what?
B...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
Our customers are b...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
And the evidence su...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
https://
https://
A...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
So, we work with en...
© Copyright Selex ES S.p.A 2014 All rights reserved
Selex ES: What is a Cyber Integrator?
Situation Awareness – of what?
B...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
CYBER DOCTRINE
Asse...
© Copyright Selex ES S.p.A 2014 All rights reserved
Taking an Integrators’ approach, we then develop
the Advisory, Skills ...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
• Policy and legisl...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
• Understand and mo...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
What would the outc...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
Detect
Resist
Defen...
© Copyright Selex ES S.p.A 2014 All rights reserved
Selex ES: What is a Cyber Integrator?
Situation Awareness – of what?
B...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
The key characteris...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
The key characteris...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
• To optimise infor...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
Comprehensive Natio...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
And what does all t...
© Copyright Selex ES S.p.A 2014 All rights reserved
Plans
Procedures
Lessons learned
Vulnerabilities
Threats
Impact
Breach...
© Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved
The national effect...
© Copyright Selex ES S.p.A 2014 All rights reserved
Presentation to Kingdom Cyber Security Forum
Thank you for listening
M...
Upcoming SlideShare
Loading in...5
×

Selex Es main conference brief for Kingdom Cyber Security Forum

723

Published on

From Reactive to Proactive:
The power of managed situation awareness

Published in: Technology
1 Comment
1 Like
Statistics
Notes
  • PARA SE CADASTRAR FALE COMIGO wander.jo@hotmail.com
    CLICKPRIME8 UMA EMPRESA CHINESA DE MMN NO BRASIL VEJA!!!!!!!
    - Mega E-Commerce (LOJA VIRTUAL) com mais de 10 Mil Produtos!!
    - Ganhos fixos SEM INDICAR NINGUÉM de até US$ 1.200,00 Mensais (Aprox. R$ 2.400,00/Mês!!!)
    - Matriz Binária com ga nhos de 30% na sua perna menor (*2,00 cada ponto!)
    - Bônus Residual (Mensal) de até 30% na perna menor!
    - INÉDITO Bônus 'UpDirect' seu PATROCINADOR dividindo lucros com você!
    - Plano FREE até U$4.000,00 (U$ vale R$ 2,00 fixo)
    - Bônus de participação de lucro Global da Empesa!
    - Bônus de 30% sobre as suas Venda Diretas
    - Bônus por indicação Direta
    **JUNTE-SE a GIGANTE INTERNACIONAL 'ClickPrime', uma empresa que definitivamente veio para REVOLUCIONAR o Marketing Multinível, iniciando com uma LOJA VIRTUAL (E-Commerce) com mais de 10 MIL PRODUTOS!!!
    mm
    - Estimativa de mais de 1 MILHÃO DE CADASTROS DE AFILIADOS
    www.clickprime8 .com
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
723
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
14
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Selex Es main conference brief for Kingdom Cyber Security Forum"

  1. 1. © Copyright Selex ES S.p.A 2014 All rights reserved A perspective from a Cyber Integrator From Reactive to Proactive: The power of managed situation awareness Presentation to Kingdom Cyber Security Forum May 2014
  2. 2. © Copyright Selex ES S.p.A 2014 All rights reserved What is a Cyber Integrator? Situation Awareness – of what? Building a specific response Benefit from wider system collaboration
  3. 3. © Copyright Selex ES S.p.A 2014 All rights reserved What is a Cyber Integrator? Situation Awareness – of what? Building a specific response Benefit from wider system collaboration
  4. 4. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved Threats, vulnerabilities and underlying information technology are changing at a ferocious pace; so must all the countermeasures Viruses Trojans Botnets Phishing Waterhole Man in the email Policy Training Hardening Intrusion detection Anomaly detection Malware analysis Certification And in complex environments, no single product or service specialist can keep up
  5. 5. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved Defence (National & NATO) National Security Agencies Governments & institutions Law Enforcement Telecommunications Banking & Insurance Healthcare Transport & Utilities Prime Contractors Large Enterprises A Cyber Integrator is typically a systems integrator and manufacturer with a broad perspective of security requirements – and a dedicated security practice
  6. 6. © Copyright Selex ES S.p.A 2014 All rights reserved Understand factors, methods and history Driven by nature and extent of measures required to achieve desired security In some cases, an annual check up Is sufficient. In others, constant monitoring is recommended! Level of threat X Level of vulnerability = Extent of security measures required Understand technical vulnerabilities and weaknesses in security governance and user habits A practiced Cyber Integrator seeks to diagnose before prescribing
  7. 7. © Copyright Selex ES S.p.A 2014 All rights reserved • Customer desired business objectives SOLUTIONS ARE BUILT ON: • Customers’ direct threats and vulnerabilities • Customers’ indirect risks and challenges • Engineered solutions and services A Cyber Integrator takes a systems engineering approach
  8. 8. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved Compromising Ability to Perform Intellectual Property Theft Loss of Financial Control Ability to Recover Threat to Human Safety Affecting Compliance Status Threatening Reputation Clients suffering data loss, theft and cyber attack with serious to existential consequences
  9. 9. © Copyright Selex ES S.p.A 2014 All rights reserved Selex ES: What is a Cyber Integrator? Situation Awareness – of what? Building a specific response Benefit from wider system collaboration
  10. 10. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved Our customers are beset by the same global issues Front office Operations IT and Administration Back office Operations Internal Contractors Bought-in Services Trusted Partners Executive Tactics Relentless Spam Socially engineered Botnet Attack Insider Attack Techniques Phishing Waterhole Spam Insider Procedures Reconnoitre Penetrate Sleep Propagate Control Transmit Transform Weapons Virus Trojan Worm Rootkit Logger Dialler Toolkits VANDALS PROTESTORS THIEVES SPIES NATIONS Deface Destroy Steal Cheat Impair Customer POS, ATM etc BranchPhone Online Contact with Enterprise
  11. 11. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved And the evidence suggests that the money to be made attracts the very best talent – of the wrong sort • Face to face • Online payment • Man in the email (China, Nigeria and South Africa) Fraud Banking Account takeover Automated clearing Global fraud losses linked to ACH and wire fraud for banking institutions Corporate finance Mobile banking and financial transaction threats • $455 million 2012 • 2013 projection - $523 million • 2016 projection - $795 million
  12. 12. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved https:// https:// And enterprises share common vulnerabilities POORLY INSTALLED FIREWALLS USING DEFAULT PASSWORDS POORLY PROTECTED CUSTOMER DATA AT REST POORLY MAINTAINED APPLICATIONS AND SYSTEMS IRRATIONALLY APPLIED ORGANISATION SECURITY POLICY POORLY MAINTAINED ANTI-VIRUS AND IPS/DLP SYSTEMS LOOSE UNDERSTANDING OF NETWORK ACTIVITY INSUFFICIENT ENCRYPTION OF DATA IN TRANSIT LOOSE ‘NEED TO KNOW’ POLICY POORLY PROTECTED CUSTOMER DATA AT REST POORLY MAINTAINED APPLICATIONS AND SYSTEMS IRRATIONALLY APPLIED ORGANISATION SECURITY POLICY POORLY MAINTAINED ANTI-VIRUS AND IPS/DLP SYSTEMS LOOSE UNDERSTANDING OF NETWORK ACTIVITY INSUFFICIENT ENCRYPTION OF DATA IN TRANSIT LOOSE ‘NEED TO KNOW’ POLICY USING DEFAULT PASSWORDS POORLY INSTALLED FIREWALLS
  13. 13. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved So, we work with enterprises to improve awareness of Vulnerabilities, Threats and Attacks Processes People Culture Systems Tools TechniquesDrivers Organisation ThreatsVulnerabilities Level of Damage Tolerance of Damage Technology Procedures And then we start to build the appropriate responses…
  14. 14. © Copyright Selex ES S.p.A 2014 All rights reserved Selex ES: What is a Cyber Integrator? Situation Awareness – of what? Building a specific response Benefit from wider system collaboration
  15. 15. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved CYBER DOCTRINE Assess CYBER SERVICES Assessment Guidance Remediation Projects Managed Services Managed Services A Cyber Integrator draws on a coherent set of services designed to address threats and resolve vulnerabilities • Vulnerability • Maturity Assure Prevent Protect Detect Resist Defend Respond Contain Eradicate Recover Learn • Policy • Certification • Training • System hardening • System provision • Enterprise protective monitoring • Incident response forensics COMPETITIVE ADVANTAGE. INFORMATION SUPERIORITY.
  16. 16. © Copyright Selex ES S.p.A 2014 All rights reserved Taking an Integrators’ approach, we then develop the Advisory, Skills transfer, Change and enduring Services solution to meet the need. Understand factors, methods and history Driven by nature and extent of measures required to achieve desired security But to keep up with changing threats, exploits and attack methods, our services have to be agile, flexible and truly innovative. Level of threat X Level of vulnerability = Extent of security measures required Understand technical vulnerabilities and weaknesses in security governance and user habits
  17. 17. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved • Policy and legislation background • Essential industry architecture • Key industry governance processes • Key financial functions and processes • Key systems We immerse ourselves in your environment: How does a cyber services integrator achieve agility and flexibility?
  18. 18. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved • Understand and model predominant attack/exploit methods • Develop and maintain a library and understanding of characteristic system vulnerabilities • Anticipate next generation exploits • Characterise key domain processes that are subject to attack We maintain sector specific technical expertise, backed by our own wider technical expertise and context Which enables us to provide a coherent set of appropriate services to the companies operating within the particular sector How does a cyber services integrator achieve agility and flexibility?
  19. 19. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved What would the outcome look like? Achievement and maintenance of security compliance Monitoring and real time analysis of anomalies plus development of intelligence data -plus reaching out to external sources Response to incidents: containment, eradication and recovery Development and maintenance of situation awareness, dynamic risk analysis and feed back for training and process improvement - plus deeper malware / TTP analysis (DIY or bought-in) Hardening of key systems Regular vulnerability assessment DeterDetect Through life security AssureRespond Learn Assess Your Cyber Security Capability
  20. 20. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved Detect Resist Defend Respond - Contain - Eradicate - Recover - Learn Deter Protect OrganisationUsersCore Systems Assess Assure © Copyright Selex ES S.p.A 2013 All rights reserved An Enterprise CIRT or equivalent managed service provides the right focus Enterprise CIRT
  21. 21. © Copyright Selex ES S.p.A 2014 All rights reserved Selex ES: What is a Cyber Integrator? Situation Awareness – of what? Building a specific response Benefit from wider system collaboration
  22. 22. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved The key characteristic of national and international response to cyber threats is collaboration © Copyright Selex ES S.p.A 2013 All rights reserved
  23. 23. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved The key characteristic of response is collaboration • Joint research centre – vulnerabilities etc • Pan European exercises • Sector and National CSIRTs • Europol and Interpol: cooperation for Cyber EU CYBER STRATEGY RESTS ON COLLABORATION © Copyright Selex ES S.p.A 2013 All rights reserved
  24. 24. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved • To optimise information sharing, collaboration and interoperability NATO: LISBON DECLARATION The key characteristic of response is collaboration © Copyright Selex ES S.p.A 2013 All rights reserved
  25. 25. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved Comprehensive National Cyber security Initiative • Connecting Cyber Operations Centres • Shared Situational Awareness • Federal, State, Local and Private Sector • Supply chain initiative US INITIATIVES: © Copyright Selex ES S.p.A 2013 All rights reserved The key characteristic of response is collaboration • Education and R&D initiative • FUNDING! The concept of sector and national nodes and hubs for reporting, correlating data and sharing intelligence is gaining momentum
  26. 26. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved And what does all that collaboration provide to the participants? A massive surface area to gather cyber intelligence So, where does one start?
  27. 27. © Copyright Selex ES S.p.A 2014 All rights reserved Plans Procedures Lessons learned Vulnerabilities Threats Impact Breach and incident data Technical indicators of compromise Suggested remediation actions © Copyright Selex ES S.p.A 2013 All rights reserved Vulnerabilities Threats Impact Breach and incident data Sector CIRT Secure and trusted information sharing Enterprise CIRTEnterprise CIRT Within any Business or Government Sector, a federated and trustworthy Sector CIRT would encourage collaboration
  28. 28. © Copyright Selex ES S.p.A 2014 All rights reserved© Copyright Selex ES S.p.A 2014 All rights reserved The national effect: shared situational awareness of network vulnerabilities, threats, and events Banking Oil & GasPower generation Aviation TelecomsMedical Are you seeing what we are seeing?
  29. 29. © Copyright Selex ES S.p.A 2014 All rights reserved Presentation to Kingdom Cyber Security Forum Thank you for listening May 2014
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×